As part of the series for ESXi 6.5 this post should give you an idea of how to handle a ESXi image build in detail. No long introduction. Let’s start:

Preparation

1. Get you the latest ESXi 6.5 offline bundle available from
   VMware Patch Repository (MyVMware Login required)
   
   
2. Get the required drivers and agents from HPEFirst check the recipe for the right firmware and driver combinations. This maybe requires you to update firmware on your boxes.
   HPE ProLiant server and option firmware and driver support recipe 
   
   Download the required drivers for the latest folder container esxi-650-* hierachie
   http://vibsdepot.hpe.com/hpe/nov2016/
   (alternatively you could connect this online, but have to build the image without a proper internet connection)
   
   The “esxi-650-devicedrivers” folder contains the right offline bundles for the drivers. Pick the ones you need for your hardware. If you have no idea how to find our what driver is required, please play around a little bit with the “esxcfg-*” commands on the ESXi Shell. List your network and storage adapters on an existing ESXi, best installed with vendor image, and note down the drivers are used.
   
   The “esxi-650-bundles” contains all additional agents and tooling. Just download the hpe-esxi6.5uX-bundle-* file as this does contain the  hpe-smx-provider CIM provider integration you need for proper hardware monitoring.Some of the drivers are double zipped. Just extract the first layer so you have the offline bundle. The second zip file should not contain any further *.zip file, but *.vib or a vib20 folder.
   
   
3. Setup a PowerCLI 6.5 environment on a compatible Windows machine

Build

1. Load the VMware ESXi vanilla image
   

   Add-EsxSoftwareDepot .\ESXi650-201703002.zip

2. Clone it for further modification

   PS> Get-EsxImageProfile | Select Name
   
   Name
   ----
   ESXi-6.5.0-20170304101-standard
   ESXi-6.5.0-20170304101-no-tools

   Select the standard image. For other patch offline depots you might see for Image Profiles. Pick the standard one without “s” behind the number.

   New-EsxImageProfile -CloneProfile ESXi-6.5.0-20170304101-standard -Name "ESXi-650-custom-hpe-hardened"  -Vendor "schoen computing"

   The Acceptance Level gets automatically inherited from the source image. You don’t need to explicitly specify the parameter.
   
   
3. Remove packages

   Remove-EsxSoftwarePackage -ImageProfile ESXi-650-custom-hpe-hardened -SoftwarePackage xhci-xhci

   I removed these packages for my use case:

   sata-ata-piix
   net-usbnet
   sata-sata-sil
   lsi-msgpt2
   scsi-megaraid2
   scsi-mptspi
   ata-pata-hpt3x2n
   shim-libata-9-2-1-0
   net-forcedeth
   scsi-mpt2sas
   ata-pata-pdc2027x
   scsi-megaraid-mbox
   lsu-hp-hpsa-plugin
   ata-pata-cmd64x
   ata-pata-serverworks
   lsu-lsi-mpt2sas-plugin
   ata-pata-atiixp
   shim-iscsi-linux-9-2-2-0
   mtip32xx-native
   scsi-adp94xx
   nmlx4-en
   lsu-lsi-lsi-msgpt3-plugin
   misc-cnic-register
   scsi-bnx2i
   net-bnx2x
   net-fcoe
   scsi-aacraid
   scsi-qla4xxx
   scsi-megaraid-sas
   ata-pata-sil680
   scsi-iscsi-linux-92
   scsi-aic79xx
   net-nx-nic
   shim-libfc-9-2-1-0
   net-bnx2
   ata-pata-via
   lsu-lsi-megaraid-sas-plugin
   i40en
   net-cnic
   net-vmxnet3
   emulex-esx-elxnetcli
   shim-libfc-9-2-2-0
   nvme
   scsi-ips
   qfle3
   net-enic
   scsi-bnx2fc
   net-mlx4-en
   shim-libfcoe-9-2-2-0
   nvmxnet3
   sata-sata-nv
   vmware-esx-esxcli-nvme-plugin
   lsu-lsi-lsi-mr3-plugin
   net-cdc-ether
   usb-storage-usb-storage
   sata-sata-promise
   scsi-mptsas
   scsi-hpsa
   nmlx4-rdma
   ata-pata-amd
   pvscsi
   net-mlx4-core
   shim-libfcoe-9-2-1-0
   lsi-mr3
   nhpsa
   shim-vmklinux-9-2-1-0
   block-cciss
   scsi-fnic
   lsi-msgpt3
   nmlx4-core
   qlnativefc
   shim-libata-9-2-2-0
   lpfc
   nmlx5-core
   sata-sata-svw
   ima-qla4xxx
   nenic
   elxnet
   qedentv
   sata-sata-sil24
   shim-iscsi-linux-9-2-1-0

   This list does also contain drivers now get removed, but later added from the HPE depot in a newer version.
   
   Attention: Not all packages can be removed in the listed order as there dependencies between them. If the CLI does not allow you to remove a package as it is a required for another package, just remove the other first and try again.
   
   
4. Export the stripped image

   Export-EsxImageProfile -ImageProfile ESXi-650-custom-hpe-hardened -ExportToBundle -FilePath .\ESXi-650-custom-hpe-hardened.zip

   This image now does contain only the left packages. I prefer now to close the PowerCLI session and load the exported image in a new session like in step 1.
   
   
5. Add HPE offline depots

   Add-EsxSoftwareDepot .\<hpe driver/bundle>.zip

   Add all downloaded and extracted zips in the way above.
   
   
6. Add the HPE packages to the image

   Add-EsxSoftwarePackage -ImageProfile ESXi-650-custom-hpe-hardened -SoftwarePackage <package name>

   The package names can be get from the offline depot zip files. These contain a folder for each package name in  vib20  folder. For my use case these packages were added:

   net-bnx2x
   hpe-esxi-fc-enablement
   net-bnx2
   misc-cnic-register
   qfle3
   scsi-mpt2sas
   lpfc
   hpe-smx-provider
   net-cnic
   nhpsa
   scsi-bnx2fc

7. Export the finale image

   Export-EsxImageProfile -ImageProfile ESXi-650-custom-hpe-hardened -ExportToBundle -FilePath .\ESXi-650-custom-hpe-hardened.zip
   
   Export-EsxImageProfile -ImageProfile ESXi-650-custom-hpe-hardened -ExportToIso -FilePath .\ESXi-650-custom-hpe-hardened.iso

    Keep the ZIP store anywhere as you can use it for updating and extending the image.